Closed PrimozRome closed 11 years ago
does it throw or log an exception silently anywhere? See https://github.com/dre1080/warden/blob/master/classes/warden/driver.php#L308-L340 and https://github.com/dre1080/warden/blob/master/classes/warden/model/user.php#L310-L347
Hmm haven't noticed any exception anywhere regarding this... I will try to debug and see why this isn't logged.
Any more info on this?
Ok I did some debugging. It's this part of code in https://github.com/dre1080/warden/blob/master/classes/warden/model/user.php#L310-L347, that sets sign_in_count to 0 at every login. Don't know why that logic is ment to be this way? Maybe you can explain?
if (\Config::get('warden.lockable.in_use') === true &&
\Config::get('warden.lockable.lock_strategy') == 'sign_in_count')
{
$this->sign_in_count = 0; // due to my config settings it always falls into this condition
} else {
$this->sign_in_count += 1;
}
My congif is:
...
'trackable' => true,
'lockable' =>
array(
'in_use' => true,
'maximum_attempts' => 10,
'lock_strategy' => 'sign_in_count',
'unlock_strategy' => 'both',
'unlock_in' => '+1 week',
'url' => 'unlock',
),
...
This is expected when using sign_in_count
as the lock_strategy
..
Note that, that piece of code only runs after successful login.
It has to be reset or else the user will eventually pass the maximum attempts and lock their account even after successful logins.
You can add a new column eg. failed_attempts
, and use that as the lock_strategy
to prevent this from happening.
I setup warden but it does not log:
even though 'trackable' is set to true in Warden config.